package com.lute.controller;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.springframework.security.oauth2.common.json.JSONException;
import org.springframework.security.oauth2.common.json.JSONObject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

import com.lute.model.Approver;
import com.lute.model.ClientAccountingPeriodState;
import com.lute.model.Employee;
import com.lute.model.MailTemplate;
import com.lute.utils.SendMail;
import com.lute.utils.ServerErrorResponse;

@Controller
public class EmployeeProfileUpdateApproverServlet {


	@RequestMapping(value="/employeeProfileUpdateApprover", method= RequestMethod.POST, headers="Content-type=application/json") 
	public @ResponseBody String employeeProfileUpdateApprover(@RequestBody String jsonFromUI, HttpServletRequest request) throws JSONException {
		String result = "";
		JSONObject jsonReq;
		JSONObject jsonRes = new JSONObject();
		
		HttpSession session = request.getSession(false);
		if(session == null) {
			jsonRes.put("result", ServerErrorResponse.USER_NOT_LOGGED_IN.toString());
			result = jsonRes.toString();
			return result;
		}
		
		try {
			jsonReq = new JSONObject(jsonFromUI);
		} catch (JSONException e){
			jsonRes.put("result", ServerErrorResponse.MALFORMED_REQUEST.toString());
			result = jsonRes.toString();
			return result;
		}
		
		// withdraw from JSON: employee email, employee Id
		String email = jsonReq.getString("email");
		int employeeId = Integer.parseInt(jsonReq.getString("employeeId"));
		
		// withdraw from session: ApproverID, role

		// these are values for GETPERSON.JSP testing
//		 int sessionApproverId = 3;
//		 String sessionApproverRole = "approver";
		int sessionApproverId = (Integer)session.getAttribute("sessionUserId");
		String sessionApproverRole = (String)session.getAttribute("role");
		
		try {
			
			if (sessionApproverRole.equals("approver")) {
				// check, if employee belongs to approver's list of employees 
				if(Approver.checkPrivilege("id_user", sessionApproverId , employeeId)) {
					//System.out.println("has privilege");
					// email validation, email change, send test email
					if (SendMail.getInstance().isValidEmailAddress(email)) {
						if (Employee.updateEmail("id_user", employeeId, "employee", email)) {
							Employee employee = Employee.getEmployeeFromDB("id_user", employeeId);
							
							String toSubject = MailTemplate.NEW_EMPLOYEE_TO_EMPLOYEE_SUBJECT.toString();
							toSubject = toSubject + " " + employee.getFirst_name() + " " + employee.getLast_name();
							String toBody = MailTemplate.EMPLOYEE_CHANGED_EMAIL_ADDRESS_BODY.toString();
							
							SendMail.getInstance().sendMailTo(email,toSubject,toBody);
							
							jsonRes.put("result", "OK");
							result = jsonRes.toString();
						} else {
							jsonRes.put("result", ServerErrorResponse.MALFORMED_REQUEST.toString());
							result = jsonRes.toString();
							return result;
						}
					} else {
						jsonRes.put("result", ServerErrorResponse.INVALID_EMAIL.toString());
						result = jsonRes.toString();
						return result;
					}
					
					// TODO
					// other cases in change profile mode
				}
			}
			else {
				jsonRes.put("result", ServerErrorResponse.USER_NOT_ENTITLED.toString());
				result = jsonRes.toString();
				return result;
			}
		}catch(NullPointerException npe) {
			jsonRes.put("result", ServerErrorResponse.INTERNAL_ERROR.toString());
			result = jsonRes.toString();
			System.out.println(result);
			return result;
		}
		
		return result;
	}
}
